New Survey from DomainTools Reveals More than Half of Summer Travelers are Unaware of Phishing Scams

SEATTLE - June 25, 2019 Today, DomainTools, the leader in domain name and DNS-based cyber threat intelligence, announced new research that sheds light on consumer awareness around phishing when booking summer travel. The survey of 1,000+ U.S.-based consumers explores the potential correlation between an uptick in travel-related scams during the summer months and the general lack of awareness around phishing as it relates to booking travel online. Despite 58% of respondents being aware of phishing in general, 54% are unaware they might be ripe targets when booking their summer travel, setting the stage for a jump in malicious activity during the summer months.

According to the IBM X-Force Threat Intelligence Index, since January 2018 alone, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches. The travel industry is a prime target for bad actors, as booking vacation often requires expensive purchases and the disclosure of personal information online. Of the respondents in DomainTools’ survey that shared they are familiar with phishing scams aimed at the travel and hospitality industry, nearly 40% revealed they had been tricked by an attempted scam. Overall, the survey findings further shed light on consumers’ habit of overlooking key details while making online purchases and the larger issue of unawareness around what could ultimately cost them money or personal information.

As part of this research, DomainTools conducted additional investigation via its PhishEye solution. In a two-week period, more than 70 spoofed domains were created in an attempt to imitate vacation rental company Airbnb. The volume of spoofed domains in this short span of time further demonstrates the heightened efforts of bad actors targeting travelers at this time of year. Some examples of fraudulent domains with a Risk Score of 70+ (scores of 70-99 predict potentially malicious domains before they are weaponized) in this research include:

airbnbpromo[.]net

airbnbprices[.]com

airbnb-bookins[.]review

airbnbhostpr[.]com

airbnb-update[.]org

checkin-airbnb[.]com

airbnbvrbo[.]com

airbnbb[.]net

airbnbexclusive[.]com

“While the most popular sites such as Airbnb, Expedia and Alaska Air could be at risk of phishing attempts, we found that many of the people who use these sites are unaware of the potential dangers of booking travel online,” said Corin Imai, senior security advisor for DomainTools. “More than half of respondents indicated that they are unfamiliar with phishing campaigns that specifically target travel and hospitality sites and three-quarters of respondents were unsure if they had even fallen victim to a scam. While popular sites like Airbnb take it upon themselves to protect their customers, consumers need to remain vigilant while shopping online, and the security industry as a whole is encouraged to educate consumers to put proper defenses in place. The reality is, no person or site is exempt from falling for a scam unless we encourage awareness and put precautions in place to prevent it from happening.”

Additional takeaways from the survey include:

Of the 27% of respondents who have clicked on a link or email that they thought was from a trusted travel company only to find out that it was an attempted scam, 20% reported their personal information was compromised, while 71% revealed they’re unaware anything bad had happened.

Respondents who are “very” aware of phishing prioritize best practices such as going directly to the website of the travel company they book through (71%) and taking closer looks at URLs used in emails to ensure legitimacy (59%).

55% of respondents say they can determine a phishing email from a legitimate one based on how the email looks. Despite this tactic, of this group, 26% admit they have fallen victim to phishing.

Those who book summer travel online are advised to take the following steps to ensure they stay safe this season and enjoy their time off:

Closely monitor domains that imitate leading travel, airline and booking companies with typos or disguised letters (e.g., ‘rn’ written to appear like the letter ‘m’).

Book directly through the airline or vacation rental site rather than a third-party as a safer alternative.

Stay up to date on the latest scams that circulate through the web, and avoid high-pressure tactics (e.g., “Book now!” or “Only three tickets left!”).

Go back to the old school ways, and call the airline or travel company directly to confirm a reservation is in your name.

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at http://www.1081377.com or follow us on Twitter: @domaintools.